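/// <summary>
/// Creates the OpenSSL configuration, an AES-256 encrypted 2048-bit RSA key, a CSR and a
/// certificate signed with the intermediate CA for a smart-card user. Each artifact is
/// only generated when its file does not exist yet, so the call can be repeated safely.
/// </summary>
/// <param name="name">Certificate name; used as file-name stem and as the subject CN.</param>
/// <param name="passphrase">Passphrase protecting the generated private key.</param>
/// <param name="upn">User principal name passed to the smart-card configuration template.</param>
/// <param name="email">Subject emailAddress.</param>
/// <param name="c">Subject country (C).</param>
/// <param name="st">Subject state or province (ST).</param>
/// <param name="l">Subject locality (L).</param>
/// <param name="o">Subject organization (O).</param>
/// <param name="ou">Subject organizational unit (OU).</param>
public static void CreateSmartCardCertificate(string name, string passphrase, string upn, string email, string c, string st, string l, string o, string ou)
{
    // NOTE(review): `name` becomes a path component below; shell quoting does not stop
    // "../" traversal, so callers should restrict it to a safe character set.
    var config = $"{CaIntermediateDirectory}/{name}.openssl.cnf";
    if (!File.Exists(config))
    {
        var applicationSetting = new AppConfiguration().Get();
        FileWithAcl.WriteAllLines(
            config,
            CaConfigurationFiles.IntermediateCaSmartCardOpensslCnf(
                CaIntermediateDirectory,
                $"http://{GetThisIp()}:{applicationSetting.AntdPort}/services/ca/crl",
                upn),
            "644", "root", "wheel");
    }

    // Every caller-supplied value is single-quoted before it reaches the shell, so
    // metacharacters ($, `, ;, quotes, spaces) are passed to openssl literally.
    var configArg = QuoteShellArgument(config);

    // NOTE(review): `pass:` puts the passphrase on the command line, where other local
    // users can read it from the process list; prefer openssl's env:/file:/fd: sources
    // if Bash.Execute can supply them.
    var passArg = QuoteShellArgument("pass:" + passphrase);

    var key = $"{CaIntermediateDirectory}/private/{name}.key.pem";
    var keyArg = QuoteShellArgument(key);
    if (!File.Exists(key))
    {
        Bash.Execute($"openssl genrsa -aes256 -out {keyArg} -passout {passArg} 2048");
        // Fixed: the original "${key}" emitted a literal '$' before the path, so the
        // chmod targeted a non-existent file and the key kept its default mode.
        Bash.Execute($"chmod 400 {keyArg}");
    }

    var csr = $"{CaIntermediateDirectory}/csr/{name}.csr.pem";
    var csrArg = QuoteShellArgument(csr);
    // Fixed: the original tested the key file here, which always exists at this point,
    // so the CSR was never generated.
    if (!File.Exists(csr))
    {
        // NOTE(review): a '/' inside a subject field still changes the DN structure as
        // openssl parses it; validate the fields upstream.
        var subjectArg = QuoteShellArgument($"/C={c}/ST={st}/L={l}/O={o}/OU={ou}/CN={name}/emailAddress={email}");
        Bash.Execute($"openssl req -config {configArg} -key {keyArg} -new -sha256 -out {csrArg} -passin {passArg} -subj {subjectArg}");
    }

    var cert = $"{CaIntermediateDirectory}/certs/{name}.cert.pem";
    var certArg = QuoteShellArgument(cert);
    if (!File.Exists(cert))
    {
        Bash.Execute($"openssl ca -config {configArg} -extensions usr_cert -days 375 -notext -md sha256 -in {csrArg} -out {certArg}");
        // Same "${...}" fix as for the key: the certificate is now really made read-only.
        Bash.Execute($"chmod 444 {certArg}");
    }
}

/// <summary>
/// Wraps a value in single quotes for a POSIX shell, escaping embedded single quotes,
/// so the shell treats it as exactly one literal argument. Null is treated as empty.
/// </summary>
private static string QuoteShellArgument(string value)
{
    return "'" + (value ?? string.Empty).Replace("'", "'\\''") + "'";
}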
/// <summary>
/// Writes the root CA OpenSSL configuration file unless it is already present.
/// </summary>
public static void PrepareConfigurationFile()
{
    // The original comment gives /data/ca/openssl.cnf as the resulting path.
    var rootConfigPath = $"{CaMainDirectory}/openssl.cnf";
    if (File.Exists(rootConfigPath))
    {
        // Never overwrite an existing configuration.
        return;
    }

    var rootConfigLines = CaConfigurationFiles.RootCaOpensslCnf(CaMainDirectory);
    // Mode 644, owner root, group wheel: world-readable, writable by root only.
    FileWithAcl.WriteAllLines(rootConfigPath, rootConfigLines, "644", "root", "wheel");
}
/// <summary>
/// Writes the intermediate CA OpenSSL configuration file unless it is already present.
/// The template receives the intermediate directory and the CRL URL served by this host.
/// </summary>
public static void PrepareIntermediateConfigurationFile()
{
    var intermediateConfigPath = $"{CaIntermediateDirectory}/openssl.cnf";
    if (File.Exists(intermediateConfigPath))
    {
        // Never overwrite an existing configuration.
        return;
    }

    var applicationSetting = new AppConfiguration().Get();
    // CRL distribution point: this host's address plus the configured application port.
    var crlUrl = $"http://{GetThisIp()}:{applicationSetting.AntdPort}/services/ca/crl";
    var intermediateConfigLines = CaConfigurationFiles.IntermediateCaOpensslCnf(CaIntermediateDirectory, crlUrl);
    // Mode 644, owner root, group wheel: world-readable, writable by root only.
    FileWithAcl.WriteAllLines(intermediateConfigPath, intermediateConfigLines, "644", "root", "wheel");
}
/// <summary>
/// Writes the root CA OpenSSL configuration file unless it is already present.
/// </summary>
public void PrepareConfigurationFile()
{
    // The original comment gives /data/ca/openssl.cnf as the resulting path.
    var rootConfigPath = $"{_caMainDirectory}/openssl.cnf";
    if (File.Exists(rootConfigPath))
    {
        // Never overwrite an existing configuration.
        return;
    }

    // NOTE(review): no mode or owner is set here, so the file presumably gets whatever
    // the process umask and user give it; confirm that only root can modify it.
    var rootConfigLines = CaConfigurationFiles.RootCaOpensslCnf(_caMainDirectory);
    File.WriteAllLines(rootConfigPath, rootConfigLines);
}